Within the field of computing, many scenarios involve an execution of applications within a virtual environment of a device, such as web applications executing within a web browser; code that is developed for a computational environment other than that provided by the device (e.g., Java code designed for a Java virtual machine); and untrusted code executing within an isolated virtual machine. The execution of the application within the virtual machine, rather than as a native process of the device, may facilitate the compatibility and security of the application during execution.
Such applications often invoke requests directed to a hardware or software component of the device. For example, a graphics hardware component may provide a rendering function (e.g., rendering an image of a three-dimensional scene) that may be invoked by various applications execution on the device. Such hardware components may be readily accessible to native applications executing with the computing environment of the device, and may be exposed on a more limited basis to applications executing within a virtual environment of the device. For example, a graphics rendering component may provide comparatively low-level and extensive access by applications, and may provide more constrained rendering capabilities on behalf of web applications executing within a web browser. Such restrictions may be implemented as selected and/or appropriate in view of a less trusted code environment provided by the virtual environment (e.g., code running in a web browser is typically ascribed a lower level of trust than native code that has been installed on the device) and/or based on abstractions of the components within the virtual environment (e.g., rather than providing device-specific capabilities of a hardware component, a virtual environment may present a generalized set of capabilities supported by many hardware components and devices). Finally, many virtual environments may enable the application to invoke the capabilities of the devices, but may block execution of the application until the invocation of the capabilities of the device is complete.